Bitcoin Forum

1. Now Myetherwallet was hacked by random password algorism.
2. It is possible to pass the Ledger nano's recovery sheet.
3. Hacker can buy another ledger nano wallet.
4. They can put the hacked recovery word to the new wallet.
5. Our asset is stollen easliy.
6. Paper wallet( Bitaddress ) is also same above.

Am I much strict?
I dont know how I can keep my coin perfectly safe.
I know there is no perfect about anything in the world.
But can you notice the best way to keep the coin safe? 
Or can I make the hardware wallet only for me?
I can do programming and machining material because I am a engineer.
Thank you for reading my long question.
Have a nice day :)

If you give access to your online bank account or authorize someone to take your bank balance then who is responsible in here. Your ignorance of course.
The same is here. If you are too naive to keep your seed of a hardware wallet safe then you deserve someone to steal your fund. Your scenerio is not very practical to me.

You could be an engineer ( not sure in which sector) but your basic is very poor I think. Don't overdo anything. Being an engineer I hope you know "KISS" is something to find a solution.

Thank you for your detail and perfect answer.
What is KISS ? I'm Korean. Google say KISS is Korean journal. Is right? Or can you explain it?

If you are looking for the best to keep your coin safe hardware or cold wallet is the best option.

Ledger nano S and Trezor is the best hardware wallet nowadays.

Yes, if you don't want to spend to buy a hardware you can try cold wallet like Electrum wallet you can install Electrum on Android mobile and keep it offline as your hardware wallet if you want to make a transaction you need to make a raw and sign transaction with your Electrum cold wallet and then broadcast it to any broadcasting sites.

A hardware wallet with proper saving the recovery seed will give ease for the safety of your funds. I'm using a hardware wallet since 2016, and there's no single case of me related to hacking or losing funds because someone got access to my seed(s) or private keys.

Take note that only use and buy a hardware wallet which is used and proven for its reputation since there are to many company released and made there own HW, only use such as Ledger (nano s) and Trezor (all model).

For the safety of your wallet, don't ever save it to any online drive, emails or whatsoever connected on the internet, not unless it's protected with a strong password, write it on a piece of paper and store it somewhere safe on your place.

The whole point of hardware wallet is that the private keys are held by a separate device and malware can't steal them. Like you are saying, hardware wallets don't guarantee perfect security, there still can be bugs, tampering and forgeries. But with same reasoning, no wallet setup is 100% safe, and in the end it largely depends on the skill of a user.

If you personally don't trust hardware wallets, you can just get an old laptop or computer, remove the hard drive and use it as cold storage by running Linux from USB stick and never connecting this system to the Internet.

Thank u for best answer.
How I can make USB wallet by myself?
Can I get detail way about that?

Calling it "USB wallet" is not correct, it's not like a hardware wallet, it's just having a dedicated computer for running Bitcoin wallet without any Internet connections - you sign transactions on that computer and then broadcast them from some other device. Electrum has a good guide for it: https://electrum.readthedocs.io/en/latest/coldstorage.html

Yes, this will be your best answer.
Seeds and private keys are always unique so you are already safe. Now, how to keep it. Like what he said. Paper. Go old school. Jot it down.
That is the safest unless your wife knows about crypto currency too.  ;D


This is money related discussion so it is really good to be strict about it. Next to God is always money.  ;D
You may continue your questions and there will be a lot of good people here that will answer you.

You don't need to be afraid or paranoid about saving your coins in the hardware. As long as you can follow the procedure for storing your coins, you don't have to worry about the bad things. There is no 100% guarantee for feeling safe for anything in this world, but we can prevent and minimalize from those bad things so you can access your wallet every time you want. The only way you will be saved is to moves your coin in the wallet, keep it in a deposit box, don't connect that hardware wallet to the internet for a long time. But the matter is, can you do that for yourself? I guess you don't. So you don't have to be scary for the wrong things because you will save if you can make sure if it is safe.

Yes, since hardware wallet is the safest wallet we can use to store our funds.
There is no guarantee for its safety but it all depends on how we keep it. The security of hardware wallet begins with its user. There is no need to worry about how long you will keep using it as long as you are using it on your own personal computer, also, it automatically disconnect if the user is inactive in using it.

If you are deeply concerned on such cases just go for those wallets that are proven wiser and defensive.

Such as Trezor where it has a high positive and deniable feedback of getting hacked or anything like scams going on with other wallets manufacturer.
Just do not store your private keys, passwords on anything with internet access specially due to keyloggers or data extraction from your pc.

How did the hacker get access to your recovery seed? The chances of that happening are really low! If you've been careful enough in storing your recovery seed, there's no way a hacker could get to it. Use a good hardware wallet, and a good recovery seed storage solution to store your mnemonic. There is CryptoSteel, BillFold, Cobo Tablet - so many options.

It's possible that OP accidentally leaked any information of his wallet without him knowing. Chances are low but once any information has been leaked, your money will be gone so easily. Using a good hardware like trezor or ledger will be a big help, I've been using my ledger since 2017 and I have never encounter any difficulties or being compromised.

I guess you could ask the veterans here.

If it is not safe then they won't be staying here anymore.
There is not much of a choice into where you could store your bitcoin after that.
Of course not exchange, they could just vanish easily with your coins in it.
Not the centralized wallets too. They might say they got bankrupt and that is it. Goodbye bitcoins.

Hardware wallets had been used for a long time and there are living proofs here.  ;D

Here's a tip. If you don't know how to make a "USB wallet" a.k.a. your private keys are saved on a flash drive, I really suggest that you do not do it. It can be easy to do it, but it's going to take a good amount of knowledge to make one in a secure manner.

Seriously, just go the easy route and purchase a reputable hardware wallet, and just don't save your recovery seed digitally, and you're going to be mostly fine.

Hardware wallet is considered to be on the top list when we talk about the safest way to secure cryptocurrency but of course one of the biggest problems is when holders are not so careful with the necessary information to be able to use the wallet. I was once a victim of phishing because I was not aware of it before, those days of my naivety. At all times, we have to be always informed of the latest developments pertaining to hacking and how we can all avoid them and not become part of the victim statistics. This is one hell of an industry where a concentration of hackers, phishers and scammers is quite high.

This is interesting, so I can store my bitcoin on my android phone using the electrum cold wallet without having to buy any hardware wallet. I am just thinking about how safe this will be! With your explanation. I just need to disconnect the phone from the internet to making it a true cold storage.

I saw few responses that question the hacking, none of the hack is as easy as being put there. Most can be more from someone close, and if one is not safe the close relatives with its cryptocurrency the hardwallet system cant be safe also. I also think storage of cryptocurrency for altcoins is usually as long as being put, experienced investor always look for the exit price. Hardwallet does not make it as accessible for sale as when due

Basically for me, the problem to that particular solution will rely not on the technical side of being responsible or keeping your ledger safe. I see, you have your phrases getting accessed by a hacker. That is the simple thing you need to focus on. If you want to secure your funds in ledger nano, then you should follow their instruction. Do not post or type your phrases electronically. I rather suggest not writing it to the main paper they've provided because people would already know that it is from a ledger's account. What if you write it to other piece of paper and make it look like a sentence?

you can always ( and should ) reset your new wallet and get a new passphrase
they call it "Set up a new device" and it resets your seed and you won't be threatened by any MITM hacker attacks :

https://support.ledger.com/hc/en-us/articles/360000613793
also try to buy your hardware wallets from the official vendors only , there were stories about people buying relatively cheap wallets from EBay or Aliexpress
and then getting the passphrase substituted and funds stolen , because they didn't do what I said above
this said , hardware wallets are one of the safest ways to store AND use your crypto

I used few months mobile electrum wallet but i found some bug but now it's new upgrade and i think as cold storage mobile wallet it's safe.
I am not familiar in mobile wallet to store my money so i will suggest ledger nano s. I strongly believe Hardware wallet will provide best safety.

Hardware wallet is at least much more safe than others. But you should have basic computer security knowledges too

We can understand that you have least knowledge about the add valid and how to using it. Generally if you keep your wallet away from the uses of friends whom you feel they are not safe. Apart from your close ones hacking your wallet is not possible unless and until you are providing the access for using the wallet and saving your phrase or private key on any online sources.

in this online world, every individual is in charge of his or her own safety in terms of keeping your wallet and funds safe and secured. It doesn't really matter if you are either using a hardware wallet or an online wallet, once you share your wallet details with a third party, your funds will definitely by stolen. In this part of the financial ecosystem, your safety of your money is in your own hands.  Hacking is only possible when you make yourself available or share personal details related to your wallet or account details. Hackers always need your permission before they can actually have access to your wallets or online accounts.

I don't think that all of the blame will go to the victim. Eventhough ignorance is the beginning of hacking, we should not blame them since they just think that everything in MEW is secured. He had a lot of trust and I think that belief from security that wallet can give will break by ruthless hackers. All of funds must be kept safely but sometimes accidents are not in our hands.

No one will safe on the internet if you are lazy and irresponsible of keeping your password and private key anywhere else that didn't safe.
At this time, the safest wallets are hardware wallets and cold wallets just like Trezor, Ledger Nano, Keepkey and Paper wallet but this is too sensitive if you are storing your bitcoin. These could be a safe method of storing your coins if you know how to use it. You should use a clean and internet-enabled computer or device when you plug in these wallets to avoid possible malware hacking.

Yes, you can create your own wallet through Paper wallet but remember this always, “NOT your KEYS, NOT your CRYPTO".

The Hard wallet is secured and cannot be hacked by the hacker, Because it is not connected to the internet when you are not doing a transaction.

And I think all you have to pay attention to here is your Personal Computer because if it already has malware it's easy for hackers to copy important information to your PC.

That concluded nothing is safe, isn't it? The safety belongs to the users who take utter precautions in whatever they're doing. If you're a very tech-savvy person, you wouldn't even need any hardware wallet to secure your coins. Run an old Linux Distro on a spare laptop with the bare minimum applications and use it as an offline storage server for all your coins. That should be secure enough? If you keep your coins on exchanges, online wallets, and other such services that you don't have control over you are at a potential security risk.

The wallet should work with only one computer, maskably clean, without additional programs.

You only need to connect to a very reliable access point to the Internet. How to check it?

Unfortunately, modern technology provides fake security.

Yesterday, once again, we received news about the dangers of a VPN connection.

Read:

[06.12.2019] University of New Mexico specialists released information on a vulnerability affecting Ubuntu, Fedora, Debian, FreeBSD, OpenBSD, macOS, iOS, Android, and other Unix-based operating systems. The problem allows you to listen and intercept VPN connections, as well as inject arbitrary data into IPv4 and IPv6 TCP streams.

The vulnerability that received the identifier CVE-2019-14899 is associated with the network stacks of Unix-based operating systems, in particular, with the way the OS react to unexpected network packets.

https://seclists.org/oss-sec/2019/q4/122

This news makes you wonder, is it possible to use the modern Internet safely?

They are safe if used properly. even the creation of paper wallets unless done properly are not 100% and if the paper is destroyed or unable to be read the key is gone forever. further, When using a paper wallet you trust the environment you're using it on both when generating the keys and when spending. it's possible to be safe if you audit the key generation code carefully and maintain a perfect digital hygiene when spending. therefore, hardware wallets are typically as safe as isolated minimalist computers can be.

-----------------
Absolutely agree. The hardware wallet is the best. Paper is not a good option, but better than electronic wallets. It must be remembered that the key is not stolen in hardware or paper storage. It can be stolen at the time of use. Any key storage technology remains dangerous precisely because of the keys. This is how life shows. The future lies only in keyless technologies and passwordless authentication. There are simply no alternatives.

I need proof of #1 because I could not find anything that supports it. As for Ledger Nano, I have mine at home, but I have not tried using it yet, and so far I am not very good at it, so I cannot answer your question. But I think that if it was that easy, it would not be so popular, so the answer is probably "no". I think that in general people get hacked when they are being too negligent, not because that tiniest chance of a hack when a person is doing everything right occurs. So if you use a reputable wallet, don't show around your private keys or set a strong random list of numbers and letters password to it, you'll most likely be fine. Other things are like "what if someone blows up my apartment" kind of cases: it might happen, but it's too unlikely to focus on that. At least, that's how I see it.

Always remeber that no system is safe for hackers, so every crypto wallet that you create through online or in the internet, hackers will definitely find a way to steal all of your funds or your personal informations. Hardware wallet like ledger will definitely help you to solve this kind of problem of yours because it will be difficult for hackers to steal all of your funds if you are using an offline wallet.

right . there is no perfect on this world so hardware wallets can get failed to give a good security sometimes but they are beyond perfect and better to use than compare to online wallets  so i will still prefer and recomend them to you  . mew can be easily hackable yes thats true but i think depending on what method you use to acces you your mew  . some methods are more secure other than private keys but also depending on the users activity if he is exposing his private key to the public or not  .

So, if you take a sober look at these dialogues, people are constantly preoccupied with their own safety, all their lives they must be careful! As if stole something. We were forced to choose a model of behavior when we are forced to hide our secrets "under a stone, in a cave."

So, in the 21st century, we come to the need to use paper to store digital information (!). We must protect our hardware wallets from our own means of communication.

It seems that modern means for our communication are specially made to have countless holes. Nobody is able to darn them.

Well, is it really possible to accidentally make such crap that people are forced to either remember in their head or write down information?

Look soberly, this is a disaster that we do not notice, we consider something quite normal, modern.
This is not the norm.

These are obvious flaws in our entire digital civilization that need to be corrected, but there is no one to review all the fundamental concepts of our digital systems.

My friend have recommendation for me to use hard ware wallet keep save my altcoin assets and they have told me very safety using hard ware wallet for saving our assets, I will buy hard ware wallet than have save my assets on myetherwallet, I think have good way if saving assets by using hardware wallet than keep with exchange wallet online because some one can hacked when we use wrong link for access to our wallet.

Well, the most safety at the moment is still the hardware wallet despite the fact that nothing is perfect and whatever is made by man is subject to abuse but with extra precaution, you can mitigate this

I using online wallet but most of my funds are in hardware wallet and it is ledger s nano. I bought my ledger nano in online and that there is a risks of hacking that's why I reset it. If you will buy hardware wallet make sure that you will reset it because you do not have guarantee that the hardware wallet is vulnerable to hackers. There is an issue before about buying hardware wallet in online so be sure that if you will buy hardware wallet make sure that the seller is legit.

basically no wallet whatsoever is safe from hacking. but I think that now wallet hardware makes it possible to minimize losses. so even though there are wallet hardware owners who experience hacking it's not much in number

Hardware wallet can be controlled properly as you have the private key and you are the one who's facilitating the system. Unlike with exchange and
online wallets as it's own by the exchange or the site owners where it can be hacked and you don't have  any idea when or how things can be done,
the owner can declare bankruptcy or inside job can happened.

I honestly never heard of hardware wallet being hacked despite rumoured to have some kind of hardware problem that could lead to security breach but it's still too difficult for someone to hack it and will definitely take a lot time. The most possible scenario is probably if the owner somehow forced to send it and that's robbery which definintely have really low chance to happen because no one have clue regarding your crypto possession.

There is a clear instruction that says, once you have your hardware wallet, you should be the one to set up it. You won't use a hardware wallet that is already set up because basically it is already used by others in which they have the passphrase of it. If you want to secure your funds, it is not enough that you just have a hardware wallet, you need to understand how that hardware wallet is also working. You need to know its limitations even if it already provides the maximum security for your funds because no system is totally safe.

You are probably talking about cases where the hardware wallet arrives with an already pre-created seed and you simple continue using it that way, which you should never do. Things like that can happen if you buy your wallet from some third party and not from the official source or an official Amazon re-seller. You and only you should know the seed, not have one sent to you.

------------------
Hardware wallets are also vulnerable. They are built from the same elements as the entire digital hardware world.

Everyone knows this information:

Cyber-experts from Wallet.fail discovered a number of vulnerabilities in the Trezor and Ledger hardware cryptocurrency wallets. As a result, they managed to carry out a series of successful wallet attacks during the Chaos Communication Congress in Leipzig.

And again, bad software, how could without it:

Experts said that vulnerabilities lie in software and hardware, firmware, software architecture and web interface.

During the demo attacks, the Wallet.fail team managed to extract the PIN and mnemonic core from RAM Trezor, remotely sign the transaction and crack the Ledger Nano S bootloader, and intercept the Ledger Blue PIN.

All that remains for skeptics is to verify this information on their own.

Really, you need to close your eyes to these facts, and continue to convince yourself of the absolute safety of "wallets" and key obsolete technologies?

Alternative here (my topic): https://bitcointalk.org/index.php?topic=5204368.0

Nothing is 100% safe and nobody is claiming that it is. But there are safer and less safer options. A hardware wallet is safer than a web and desktop wallet. I don't think this is something that needs arguing about. The vulnerabilities you mention require special hardware and in some cases physical access to the device. Also, the Ledger Blue has been discontinued and is no longer part of Ledger's products portfolio. 

----------------------------
You have to deal with your safety yourself.
Are you sure that all vulnerabilities, all holes - will be unveiled right there. Hang on a noticeboard? What's the point?

The meaning is only to those who are on the white side. People on the black side will not tell you anything. Is it logical?

It’s not a matter of whether the fraudster is tracked or not. Even if they are tracked, even if they are found, this will be only a separate episode. This is not a solution to the problem.

The fraud system itself will not disappear with the capture of any number of these characters. The system itself, contributing to the spread of bitcoin theft, is based on the fact that you "have a safe key" in which the money is.

The key is your concern and your fraud problems.

For this reason, an alternative (my topic) to key technologies is proposed - keyless technologies. But, so far, few people perceive it, everyone is waiting for the "thunder to strike." Who is creative, see here:
https://bitcointalk.org/index.php?topic=5204368.0

You hide the key. This works well when you do not need to use bitcoin.

Then, when you use bitcoin, you send the key hash - to some server. The fraudster does not need your key in its original form. He needs this particular key hash. Because the server does not know your key, it knows the key hash.
Further, the scammer makes a phishing attack, receives a key hash, and all your money is almost certainly lost.

Yes, a modern phishing attack provides the same encryption between the client and the phishing server as the original server. Therefore, if they managed to attack you, it means that you will exchange encryption keys with a phishing site, so you have established a “secure” communication channel, but with a phishing site, and pass the hash of your key on it.
It's all.
Woo a la.
And what was the point of storing it in a hardware wallet if it was stolen at the time of its use?

Not convincing? Here are the facts from today.

[10:27, 12/08/2019]
According to the annual Security Intelligence Report prepared by Microsoft, the number of phishing attacks in recent years has grown three and a half times.

What happened?
Are there more nonchalant people or are scammers working better?
Try to answer this question.

Customers of banks, payment systems and telecom operators are increasingly becoming victims of phishers. Internet fraudsters gain access to confidential user data (logins, passwords and plastic cards), directing potential victims to fake sites and services.
Check here:
 https://www.microsoft.com/securityinsights/

Obviously, if you have a key "from the safe where the money is", they will always hunt for this key.

This is a phenomenon. And you need to fight with the phenomenon, not with the fraudster. 2 new ones will always come to the local 1 caught fraudster.

You are talking about phishing. Phishing and hacking isn't the same thing. If someone gets phished it is solely his/her fault because he/she wasn't careful enough and entered private information into a fake site without noticing that it is fake. This is not hacking.
You get hacked depending on how secure your hardware and software solutions are and how skilled the person performing the hack is. 

A successful attack would be if someone was able to empty my hardware wallet right now without me knowing how and what happened.
If I enter my seed in a fake software or on a website that is not hacking. That is me being phished because I can't read and understand basic instructions.

--------------------------------------
Yes, you are absolutely right. I did not specify the difference.

A attack on the TLS protocol with which you establish a secure connection to the server.
This is phishing or hacking, or both.
Indeed, in such a situation, you will give the hashes of your private data, and the https icon will be displayed. Is it possible to know by heart all the sites that you visit. And even if you know, the listener in the communication channel will still do his dirty work.

[15:14, 12/10/2019] A team of researchers from the Worcester Polytechnic Institute (USA), Luebeck University (Germany), and the University of California at San Diego (USA) discovered two vulnerabilities in TPM processors. Exploitation of problems, collectively called TPM-FAIL, allows an attacker to steal cryptographic keys stored in processors.
This chip is used in a variety of devices (from network equipment to cloud servers) and is one of the few processors that have received the CommonCriteria (CC) EAL 4+ classification (comes with built-in protection against attacks on third-party channels).

And then they attack our ECC (cryptography on elliptic curves):
[15:14, 12/10/2019] Researchers have developed a series of attacks, which they call “timing leakage”. The technique is that an attacker can determine the time difference when performing repeated operations TPM, and “view” the data processed inside the protected processor. This technique can be used to extract 256-bit private keys in TPMs that are used by certain digital signature schemes based on elliptic curve algorithms such as ECDSA and ECSchnorr. They are common digital signature schemes used in many modern cryptographically secure operations, such as establishing TLS connections, signing digital certificates and authorizing logins.

“A local attacker can recover an ECDSA key from Intel fTPM in 4-20 minutes, depending on the access level. Attacks can also be carried out remotely in networks by restoring the authentication key of the VPN server in 5 hours, ”the researchers note.

Would such attacks (or not attacks) become possible in keyless encryption systems, in passwordless authentication systems (I mean not a biometric identifier, but a variable digital one)?

Yes, this is not hacking cryptography itself. This is key theft.

Some have already tried to successfully crack cryptography on elliptic curves, so they were immediately classified.
I mean the information with verifiable facts set forth in my 2nd post on the account of December 4, 2019, here:
https://bitcointalk.org/index.php?topic=5204368.40

---------------------------
Yes it is.
But that was an example.
Are you sure that the wallet that you use today is safe.
And if tomorrow they find a vulnerability?
And will they also be phased out?
Will you be calm from this?

But let's analyze.
Someone issued a wallet with vulnerability.
Nothing is known about this.
Someone uses this wallet - trusting him their secrets.
Then there is someone, a phenomenon unknown to us, which talks about the poor quality of the wallet.
And if this hero - didn’t tell us anything?
Did he have a right to this?
Yes, I did.
And does the new hero have the right not to tell us about the poor quality of the wallet that we use now.
Yes, there is such a right.

Therefore, our safety is not in our hands, but in the hands of unknown heroes?

Strange, but it is a fact.

These two users talking to each other above are probably the same person. If you check their post history they did this in other threads as well. Fake conversations with the intent to promote their service. Even the accounts were created in the space of just a few minutes apart. 

You are 100 correct.
It can be seen even from airoplane that they just pump up their post and make fake conversation to rank up faster probably

Their intent is to either get a merit or two from someone and rank up or they are paid to advertise whatever it is they are advertising. Similar to those fake ANN conversations that can be seen everywhere.

@witbla, @hwteeer
Yes, go on. You forgot to advertise whatever it is that you wanted to advertise. Let me guess... is it the 'Th***F**d Network' that keep popping up in your previous posts where you quote each other and answer each other's questions?

The witbla and hwteeer accounts are probably run by the same person. All you need to do is check the registration dates and the times they post.

@hwteeer, @witbla
Multiple Personality Disorder is a very serious psychological condition. I suggest you visit a doctor before it gets out of hand.
You are already asking yourself questions and than your other personality answers those questions.
https://www.webmd.com/mental-health/dissociative-identity-disorder-multiple-personality-disorder#1

Don't be ashamed to ask for help, it's OK.

Interesting revelation.
On the subject of which wallet to use, I would add the following.

When using any wallet you choose, you should always take extra precautions:   
1. Your wallet should be used from 1 of your device. It is not recommended to use from 2 or more devices.
2. From that one device which is used for work with a purse it is impossible to perform any other operations in a network, namely:
- never go to your email account;
- do not use GSM connection (this one device must not be your phone at the same time);
- don't have any messengers on it (!);
- only a clean licensed operating system:
- do not use (not once!) social networks (!!!!) in any form, no;
- do not put any antivirus;
- do not browse, never visit any sites (!), it is desirable not to use Google search, known American or unknown Chinese search engines (frankly speaking, I do not know what is safe to use);
3. never access the network from this device without a VPN (or TOR), not displaying your IP on the network.
4. Do not use an Internet access point if at least one other (your) device, home IOT devices, is connected to this access point).

Can you do all this in your real life? I don't think so.

Unfortunately, these are the most superficial security measures. They are not able to protect you 100% from programs stealing your manual movements on the screen of your device (stealing passwords and so on confidential data), because there are known vulnerabilities right in the devices you buy. And the more widespread your device is in the world, the greater the danger it can contain.

I won't lay out all the information on this issue, pay attention at least to the most obvious - Samsung's products, I won't write anything, who is interested in finding the last revelations at the end of 2019 and making conclusions himself.

In general, your safest hardware wallets are really the safest until you start using them. That's when the screen of your device - become the object of increased interest to spyware in your device, sometimes installed there - even before you buy it in the store.

Be vigilant!
Do not trust anyone.
Unfortunately...

good point as anything with access to other machines on the network can sniff packets and otherwise wreak damage to machines on it.

i have several access points for the various stuff.. one for ip cams systems, one for stuff like TVs, one for google/alexa stuff, one for other IoT (washer/dryer etc), one for guests, and one for my wireless computers and such.

none of the items on those access points can see the others. but stuff on the same AP can (usually) see each other as they usually need to.

EDIT: forgot to mention the obvious takeaway.. plus a separate AP for the rig you use the wallet on.

-------------------------------------------
Are you writing this seriously, or is this a joke on the subject?
It's good from a security point of view, but it's too deliberate.

For example, why make a separate point "one for things like google/alexa" when this service already transmits everything it hears to servers, even when you don't use it? All that this service hears is the same thing that anyone who attacks you will catch on the network.

If you're not kidding, you are very concerned about your security. I mean, if you have 10 access points, you probably have 10 routers. For security reasons, all of these routers must be connected to different wired networks on the Internet that are not associated with you or your residential address.
Is that possible?

The fact is that all routers are visible to the attacker. And if he notices 10 routers on one wire, he will immediately know where to look for you. Then it's a matter of technology, because all routers are good targets for a new attack vector.

The situation is even worse in the sense that in 2019 there were a lot of messages (I can even find them if you are seriously interested) about the vulnerability of the hardware of these devices, which has been exploited for 10 years or more!
 And, oddly enough, it was the encryption of the data packets themselves - transmitted over the network. There was something there with encryption keys sewn into the router. In general, in your case, this is also something that you should consider very carefully when choosing a router model.
 
There is no point in putting washing machines and TVs on different access points or guests. This only increases the risk of an attack on you, not decreases it.

But I think you were joking...

sniped a bit out but the short answer is no not joking. btw google mini has a hard switch to turn the mike off. and its usually off as i rarely use it.

yes there are a couple routers. along with straight wireless APs that (usually) do not allow connected devices to see each other. im not concerned about the main ip addy from the modem being shared among the various routers and such as i know they can be linked together. im not trying to hide from the government, just script kiddies, IoT crap with little to no security etc.

however your knowledge obviously exceeds mine. any suggestions to improve this? i mean this in all seriousness. im not super paranoid but since most I0T stuff never gets security updates what are my options?

------------------------
I am pleasantly surprised by your approach to your own information security. It's nice for me, because the vast majority of people don't deal with this issue. Everyone thinks, "I'm not gonna get caught up in this, there are a lot of people like me..."
What you're doing is respected, and not because your protection is holeless. It's because if everybody else did what you did, it wouldn't be as easy for crooks as it is now. Unfortunately, all people who carelessly about their own information security, whether they want it or not, play on the same side as the scammers. People like you are one in a million, and on my part, your actions are only respected!

Everyone else is becoming a donor to cybercrime. It is very rare that you are attacked as one person, all at once.  Often this happens automatically, with special programs that are constantly growing in quality and can be used by YOUNG MACHINES! This is the reason why news like this appears:

(my post Re: How long will existing encryption last? January 18, 2020, 09:32:13 PM - https://bitcointalk.org/index.php?topic=5209297.new#new).

- access to you or your data happens regardless of your desire or importance!
This is a fully automatic data collection. The program collects everything and for everyone!
It is done by both government and scammers (usually almost the same).

- On January 14th the FBI confiscated the domain WeLeakInfo.com for providing paid users with access to data leaked to the network as a result of a hack. The operation was conducted jointly with the National Crime Agency (NCA), the Netherlands National Police Corps, the German Federal Criminal Police Office (Bundeskriminalamt) and the Police Service of Northern Ireland.
"The website gave users access to a search engine to view confidential information illegally obtained from more than 10,000 data leaks, including more than 12 billion indexed records, including names, email addresses, logins, phone numbers and passwords," said the U.S. Department of Justice.
Excuse me, but that's on one site alone - 12 billion! More than we live at this time!

And the worst part is that all major corporations are doing it, without exception. I don't want to give all the information here, but I'll give you one fresh example:

- Facebook tried to buy Pegasus software from Israeli spyware manufacturer NSO Group Technologies in order to monitor the activity of iOS device users.
According to court documents published by NSO Group, Facebook intended to buy the spy software Pegasus, which can extract user data from cloud storage of Apple, Google, Facebook, Amazon and Microsoft. The data is being exported, giving software operators access to confidential user data. The data collected includes all messages and photos, login credentials, and device location information.
NSO Group has a very mixed reputation for selling its products not only to law enforcement agencies, but also to authoritarian governments that persecute human rights defenders and journalists. But according to the CEO of NSO Group Shalev Hulio, two representatives of Facebook contacted the company in October 2017 and intended to acquire the right to use certain features of Pegasus.
And if you still have illusions about the methods of protection offered to us by "our defenders", for example, 2FA, then it is not true, they are easy to do, read my post: "Re: Keyless encryption and passwordless authentication March 09, 2020, 11:46:56 AM":
https://bitcointalk.org/index.php?topic=5204368.40.

All protection is an illusion of security.
Your main defense is not to arouse interest in professional attackers. From this point of view, I would advise you to reduce the number of access points, especially if they are via a wi-fi.

I'm not a professional, I'm just keeping a close eye on the news on cyber security...

thank you for the detailed reply.

i wanted to reply in a bit more detail but ill just reply to this part (multiple wireless APs etc) for now.

i had though of the fact that a bunch of wireless individual APs and such in a single residence would be an invitation to see why. so my "solution" is to have most wireless APs in my basement on the floor. thus surrounded by concrete and dirt, so the only way for the signal to go (more or less) is up into the house space (which is the only place i want it seen), and not outside of the house footprint. as well as turn the power output as low as i can on device. thus minimizing  people driving by seeing the APs

low tech i know but its the best i can come up with.

-
The fact that you bricked your access points in the basement doesn't save you from attack.  Attacks only run on the network, on your ip.

I didn't believe it when I read how easy it was to attack an AP remotely using a ready-made program.  And I didn't believe that it could be done by someone without that experience or skill.  I was wondering if cheaters could act against me in the same way.

I found free programs on the usual Internet (not even on the Darknet), which find exactly the access point wi-fi, find on the network and around the world:
- or a map of the area;
- or an I.P. address;
- or simply a map of access points available for hacking in the country of your choice.

No way, I thought I found my access point and watched the program hack it for interest.  And the program did it all on its own.

This example showed me that even a person without special knowledge is capable of attacking access points.

For this reason, I don't see any point in shielding routers' radiation.

Try hacking your access points yourself.  You can find the program in Darknet yourself, I don't want to advertise these things.  I don't know how we can protect ourselves in the current paradigm of security systems.  We need to change the fundamentals.  And who needs this?

It is not that easy.
First, you need to define the scope. What exactly does count as an attack?
Attacking the availability is always possible (from within the range).
Attacking the confidentiality or integrity of the data is not as easy as you think.

Sure, if you are using outdated technology (outdated router or WEP), than it takes less than a few seconds to minutes to enter your network.
However, with an up-to-date router software and a proper encryption, there currently is no known way to intrude a network through 802.11x.

And that's exactly what we have in practice, a very large number of old devices that are vulnerable to the point that they are hacked by kids who play with programs like BackTrack and hack WEP protection within minutes, or WPA2-PSK with WPS enabled within a few hours. It all really depends on how good an ISP is when it comes to firmware upgrades or replacing old devices.

Actually i can't confirm that.
Since i am working in the field of cyber security, i occasionally wardrive (https://en.wikipedia.org/wiki/Wardriving) (basically scanning for wifi networks while walking/driving) out of curiosity.
A very small percentage (roughly less than 1%) is using WEP. The amount of WPS enabled is slightly higher, but definitely below 5%.

This might not be the case everywhere, but in my country that's what i could find out (not representative).

Even with Kali (the successor of Backtrack), a linux distribution designed for penetration testing, there isn't much you can do with the majority of Wifi networks.


However, i agree that with WPS enabled every somewhat techy kid could easily break into such a network. Checking the Settings for WPS and obviously also choosing a strong (non standard) password already adds quite some security.

Recent news on the subject. In general, there is so much news that it is no longer possible to reread everything. Oh, you don't have to. Everyone will draw conclusions for themselves.

Security researchers from ESET discovered a dangerous vulnerability Kr00k (CVE-2019-15126) in widely used Wi-Fi chips Broadcom and Cypress and affects more than a billion devices worldwide (smartphones, tablets, laptops, routers and IoT devices) using the protocol WPA2-Personal or WPA2-Enterprise with the encryption algorithm AES-CCMP.  Now Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi) and access points from Asus and Huawei are under attack.The Kr00k vulnerability is related to Key Reset attack (KRACK), which allows attackers to crack Wi-Fi passwords protected by WPA2 protocol (again keys, key technologies).

Huge problems with device shells that contain embedded vulnerabilities, such as embedded passwords and embedded SSH/SSL keys.  The advent of one such device in your home, including an IOT device that connects it to your home wi-fi, allows you to attack all other devices connected to the same access point (keys, passwords, technologies built on a key function).

And while there are no comments, here's the latest news on our password and key-based security:
AI-assisted password guessing! Cybercriminals are using ML to improve user password guessing algorithms. More traditional approaches, such as HashCat and John the Ripper, already exist and compare different variants of the password hash to successfully identify the password that matches the hash. However, using neural networks and Generative Adversarial Networks (GAN), cybercriminals will be able to analyze vast sets of password data and generate password variations that match a statistical distribution. In the future, this will lead to more accurate and targeted guessing of passwords and a higher chance of profit.

In a February 2020 clandestine forum post, we found a GitHub repository that has a password analysis tool with the ability to parse 1.4 billion accounts and generate password variation rules.
In addition, we also saw a post listing a collection of open-source hacking tools that have been hacked [...] to. Among these tools is AI-based software that can analyze a large set of password data from data leaks. This software ensures that it extends its ability to guess passwords by teaching GAN how people tend to change and update passwords, such as changing "hello123" to "h@llo123" and then to "h@llo!23".